Security Now 311
Episode 311 |
Topic: Anatomy of a Security Mistake Recorded: July 27, 2011 Published: July 27, 2011 Duration: 1:12:51 |
Contents
Security Now 311: Anatomy of a Security Mistake
News & Errata
- Apple iOS updated to v4.3.5, fixes a certificate issues.
- a new Mac tool from Passware (cost $995), that gives access to the whole the Mac system through a firewire connection (Firewire has DMA access to ALL system resources).
- Apple Battery Hack: default password in battery controller firmware can be used to change voltage data to kill batteries by blocking cell charging.
Spinrite Story
Happy but confused, SpinRite presented a Red screen with an error code, but rebooting and restarting SpinRite it went all OK
Anatomy of a Security Mistake
Introduction to Signed/Unsigned number representation in Binary
Positive numbers are represented as is in binary, for example, these numbers in decimal becomes
0 | 00000000 |
1 | 00000001 |
2 | 00000010 |
3 | 00000011 |
Negative numbers are represented by taking the positive number, inverting all bits, then adding one, like this:
1 | 00000001 |
inverted | 11111110 |
add 1 | 00000001 |
-1 becomes | 11111111 |
and so on
Introduction to blowfish encryption
Blowfish works 1 byte (8 bits) at a time, but the register used is a 32bit register, so the developer used 1 32bit register to store 4 bytes at a time. This is done by adding 1 byte/8 bits to the register, shifting left by 8 bits, then repeat another 3 times. Like this you end up by having 4 byte (32 bits) in 1 32 bit register, which is all correct. The adding by itself is done by doing an OR operation between the 32bit register and the byte contents.
Operation | Data | Register status |
Empty the register | 00000000 00000000 00000000 00000000 | |
OR'ing first byte | 01010101 | 00000000 00000000 00000000 01010101 |
shift left by 8 bits | 00000000 00000000 01010101 00000000 | |
OR'ing second byte | 10101010 | 00000000 00000000 01010101 10101010 |
shift left by 8 bits | 00000000 01010101 10101010 00000000 | |
OR'ing third byte | 11001100 | 00000000 01010101 10101010 11001100 |
shift left by 8 bits | 01010101 10101010 11001100 00000000 | |
OR'ing forth byte | 00110011 | 01010101 10101010 11001100 00110011 |
Where is the problem?
The algorithm was coded in C language, and the register is defined as a 32bit unsigned, while the 1 byte is defined as just "char", and in C language the "char" is considered as a signed value.
When the compiler sees the OR operation between a 32 bit unsigned value and a 8 bit signed value, it "pads" the 8 bits value to make 32 bits, with an operation called sign extension. What Sign extension does is that it takes the highest bit (left-most) and pads its value to the rest of the bits. For example:
Decimal value | 8 bit register | 32 bit extended register |
3 | 00000011 | 00000000 00000000 00000000 00000011 |
-3 | 11111101 | 11111111 11111111 11111111 11111101 |
This is all correct in normal use, EXCEPT that ORing 1 to the register, all the resulting register is wiped out with 1. In the Blowfish case, the first 3 bytes gets wiped out and only every 4th byte is maintained.
For example, the last step in the blowfish becomes:
Operation | Data | Register status |
Initial Register status for step 4 | 01010101 10101010 11001100 00000000 | |
1 Byte value, after extension | 11010111 | 11111111 11111111 11111111 11010111 |
ORing char to register | 11111111 11111111 11111111 11010111 | |
Final register value | 11111111 11111111 11111111 11010111 |
The fix of this bug in the C code of the algorithm was simply by defining the char as unsigned char
Sponsors
- SqaureSpace, offer code: securitynow7 (10% off for 6 months)
- Netflix, offer code: securitynow
Production Information
- Edited by: Tech_Engineer
- Notes:
![]() |
This area is for use by TWiT staff only. Please do not add or edit any content within this section. |